Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

w32.desktophijack [CLOSED]

liketo00

Posted 10 September 2005 - 10:38 AM

liketo00

New Member

Member

2 posts

I am new at this and could use some help norton finds but does nothing i am running windows me and internet explorer 6.0.2600 below is my hijack logLogfile of HijackThis v1.99.1Scan saved at 12:35:36 PM, on 9/10/2005Platform: Windows ME (Win9x 4.90.3000)MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Advertisements

greyknight17

Posted 10 September 2005 - 10:32 PM

For the step below in RED, when you get up to it, make sure you can CURE that wininet.dll file if it's infected. Otherwise it might be deleted by Panda which is not a good thing.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Download AboutBuster http://www.greyknigh...AboutBuster.zip and unzip the files to a folder on your Desktop. Run AboutBuster and click OK. Click Update button to see if there are any updates. Close the program now.

Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work.

CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp!. Run CleanUp! and click on the Options button. Uncheck 'Scan local drives for temporary files'. Also uncheck those two Newsgroup entries if you don't want to delete them. Click OK and then click on the CleanUp! button. Let it run. After it's done, choose Yes to logoff.

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

Run AboutBuster and click Begin Removal button. Once that's done, just hit the OK button. Click Exit once you are done. Click the OK button and it should exit. Open up the 'Ab LogFile.txt' (which was created in the same folder as AboutBuster) and post the log here.

Run the smitRem.exe tool you downloaded earlier. Follow the prompts on the screen. Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

If you are using Windows 95/98 or Windows ME, you MUST do the following steps that are enclosed in the starting and ending double lines before proceeding any further (if you have problems STOP right now and tell us what the problem is):========================================================================Go to Start->Run and type in notepad and hit OK. Then copy and paste the following into Notepad:

copy c:\windows\system\wininet.dll c:\windows\desktopdel copy.bat

Save the file as "copy.bat". Make sure to save it with the quotes. Double click on it.